Importance of cryptography in software development. Usage.
Before explaining applied cryptography in software, I’ll present you general importance of cryptography and cryptanalysis. These two domains are somehow unknown or ignored by the large public and the majority of today’s inexperienced software developers. Why? Because these domains throughout history where “private” domains, they weren’t open to the public. Today, only the “masters” in math can make and proof an encryption’s security and this is a fact the software developer must understand.
I’ll continue with the importance. History was somewhat rewritten by cryptographers or cryptanalysts. In 1586 Marie Stuart was killed because of the use of a pour encryption and because cryptanalysts found a way to break it. The next example is one that most of you know: World War II, the Enigma encryption machine and algorithm was broken by English cryptanalysts. If there wasn’t for cryptography and cryptanalysis then World War II could have finished totally different.
If this still doesn’t make “the difference” then think what could have become of the world and secret services if we could simply sniff secret services documents and simply read them without anyone stopping us.
I’m sure now you understand why I am writing this post. My advice: make or use a strong encryption if you develop security software.
There are various cryptanalysis attacks for example: differential cryptanalysis, birthday attack, side channel attacks, frequency analysis, etc. None of these attacks are based on brute force attacks so be careful! A brute force attack is totally inefficient in many cases; don’t rely that the attacker will use brute force attack to break an encryption because he simply won’t!
As IT developed it seemed that a good encryption is one that is made by a mathematician not a programmer (sometimes a programmer is also a good mathematician but I’m not referring to those cases). All the very good encryptions have a strong base of math algorithms (I’ll name just a few of them: AES, RSA, Blowfish etc.).
If you use encryption in a software, use it wisely, don’t use encryption for an options file because it really isn’t necessary (those kind of files really are no importance to the program’s security).
Use encryptions in security software like: Instant Messaging, Files Encryption, etc.